4028c58dc2e2004bbed97de7bad99898cc5971cd7e56ec0c320fa2e2703b7ecc | Triage

Sharing

General

Target

76052d4b85ec76db757eb6b4d7587fba_JaffaCakes118
Size

674KB
Sample

240726-2jjc4asdnf
MD5

76052d4b85ec76db757eb6b4d7587fba
SHA1

a7cbdc3ec66ae4f285d754df0b88f23c28b8cf4b
SHA256

4028c58dc2e2004bbed97de7bad99898cc5971cd7e56ec0c320fa2e2703b7ecc
SHA512

9d61665165fa1b4163c54ee2196895b32466fe6db1e23586535ad36acb9fb64fa9dd7dd153a02a1b44277d593eec9e96ddbfe25c1084601c4cb8470d4de9f732
SSDEEP

12288:COwT6AVg9jzrpMPSK3+laYSnjj2FsgYSqKZdb/MJtptHmGgRC5IGxtIXc3AQ:6T6eaK3y9Sn32lYSJAVtGGgRCKgtIXcD

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  76052d4b85ec76db757eb6b4d7587fba_JaffaCakes118
- Size
  
  674KB
- MD5
  
  76052d4b85ec76db757eb6b4d7587fba
- SHA1
  
  a7cbdc3ec66ae4f285d754df0b88f23c28b8cf4b
- SHA256
  
  4028c58dc2e2004bbed97de7bad99898cc5971cd7e56ec0c320fa2e2703b7ecc
- SHA512
  
  9d61665165fa1b4163c54ee2196895b32466fe6db1e23586535ad36acb9fb64fa9dd7dd153a02a1b44277d593eec9e96ddbfe25c1084601c4cb8470d4de9f732
- SSDEEP
  
  12288:COwT6AVg9jzrpMPSK3+laYSnjj2FsgYSqKZdb/MJtptHmGgRC5IGxtIXc3AQ:6T6eaK3y9Sn32lYSJAVtGGgRCKgtIXcD
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence